what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 47 RSS Feed

Files

CAID-brightstor.txt
Posted Dec 8, 2007
Authored by eEye Digital Security, Pedram Amini, cocoruder, Tenable Network Security, Dyon Balding, shirkdog | Site www3.ca.com

CA Security Advisory - Multiple vulnerabilities exist in BrightStor ARCserve Backup that can allow a remote attacker to cause a denial of service, execute arbitrary code, or take privileged action.

tags | advisory, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2007-5326, CVE-2007-5329, CVE-2007-5327, CVE-2007-5325, CVE-2007-5328, CVE-2007-5330, CVE-2007-5331, CVE-2007-5332
SHA-256 | eeb6c53417ccc26b912aa3b7ee71b7c4d770d635ec4f613ec8a5036d63014596

Related Files

China Chopper Caidao PHP Backdoor Code Execution
Posted Nov 6, 2015
Authored by Nixawk | Site metasploit.com

This Metasploit module takes advantage of the China Chopper Webshell that is commonly used by Chinese hackers.

tags | exploit
SHA-256 | d7fca763cda76a2b27b59c2e2618a505e5099c293f99615ce804976c10da3606
CA ARCserve Backup LDBserver Vulnerability
Posted Dec 10, 2008
Authored by Ken Williams | Site www3.ca.com

CA ARCserve Backup contains a vulnerability that can allow a remote attacker to cause a denial of service or execute arbitrary code. CA has issued patches to address the vulnerability. The vulnerability is due to insufficient verification of client data. A remote attacker can crash the LDBserver service or execute arbitrary code in the context of the service. Note: The client installation is not affected.

tags | advisory, remote, denial of service, arbitrary
advisories | CVE-2008-5415
SHA-256 | c3f42a1781959a4e232299fd40445813782d401f6a4ad863bcdc64c3aefdb67a
CAID-hips.txt
Posted Aug 13, 2008
Authored by Ken Williams | Site www3.ca.com

The Computer Associates Host-Based Intrusion Prevention System SDK contains two vulnerabilities that can allow an attacker to cause a denial of service or possibly execute arbitrary code. CA has issued updates to address the vulnerabilities. The first vulnerability occurs due to insufficient verification of IOCTL requests by the kmxfw.sys driver. A local attacker can send an IOCTL request that can cause a system crash or potentially result in arbitrary code execution. The second vulnerability occurs due to insufficient validation by the kmxfw.sys driver. An attacker can make a request that can cause a system crash.

tags | advisory, denial of service, arbitrary, local, vulnerability, code execution
advisories | CVE-2008-2926, CVE-2008-3174
SHA-256 | 985be0e793f4ac4d6d9e3779bf5ca6b54567e5ea355a83dec5b7ae1dbd4feee5
CAID-EmbedIngres.txt
Posted Aug 6, 2008
Authored by Ken Williams | Site www3.ca.com

CA products that embed Ingres contain multiple vulnerabilities that can allow a remote attacker to execute arbitrary code, gain privileges, or cause a denial of service condition.

tags | advisory, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2008-3356, CVE-2008-3357, CVE-2008-3389
SHA-256 | 6040ab449470478bb5b86d5556ee4b54361f55be9e1dd935da2bec7284d81f1f
CAID-disc-dos.txt
Posted Jun 18, 2008
Authored by Ken Williams | Site www3.ca.com

CA ARCserve Backup contains a vulnerability in the Discovery service (casdscsvc) that can allow a remote attacker to cause a denial of service condition. CA has issued patches to address the vulnerability. The vulnerability occurs due to insufficient verification of client data. An attacker can make a request that can crash the service.

tags | advisory, remote, denial of service
advisories | CVE-2008-1979
SHA-256 | 0741ffe1de4d95ff387305e81ed6300a04528dc9d2dc44058f58fe0edd600007
CAID-scmgw.txt
Posted Jun 5, 2008
Authored by Sebastian Apelt, Cody Pierce | Site www3.ca.com

CA Secure Content Manager contains multiple vulnerabilities in the HTTP Gateway service that can allow a remote attacker to cause a denial of service condition or execute arbitrary code.

tags | advisory, remote, web, denial of service, arbitrary, vulnerability
SHA-256 | 47555d68b8e92edea082d71fedeb7d325edf58e7a50e1aaa6b62fd587d4992bb
CAarc-multi.txt
Posted Apr 5, 2008
Authored by Ken Williams | Site www3.ca.com

CA Security Advisory - CA ARCserve Backup for Laptops and Desktops Server contains multiple vulnerabilities that can allow a remote attacker to execute arbitrary code or cause a denial of service condition. CA has issued updates to address the vulnerabilities. The first issue occurs due to insufficient bounds checking on command arguments by the LGServer service. The second issue occurs due to insufficient verification of file uploads by the NetBackup service. In most cases, an attacker can potentially gain complete control of an affected installation. Additionally, only a server installation of BrightStor ARCserve Backup for Laptops and Desktops is affected. The client installation is not affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability, file upload
advisories | CVE-2008-1328, CVE-2008-1329
SHA-256 | 465613d80f35d24daf2fd29de5df3e3834e3533ddc03f34fa29343c01188d0fe
CAalert-multi.txt
Posted Apr 5, 2008
Authored by Ken Williams | Site www3.ca.com

CA Security Advisory - CA Alert Notification Server service contains multiple vulnerabilities that can allow a remote authenticated attacker to execute arbitrary code or cause a denial of service condition. CA has issued updates to address the vulnerabilities. The vulnerabilities are due to insufficient bounds checking in multiple procedures. A remote authenticated attacker or local user can exploit a buffer overflow to execute arbitrary code or cause a denial of service.

tags | advisory, remote, denial of service, overflow, arbitrary, local, vulnerability
advisories | CVE-2007-4620
SHA-256 | 87c606935857a14dd69d4559e0de12e92406b71e84be5dad04da16eda476df5d
camulti-overflow.txt
Posted Mar 28, 2008
Authored by Ken Williams | Site www3.ca.com

CA Security Advisory - CA products that implement the DSM ListCtrl ActiveX control are vulnerable to a buffer overflow condition that can allow a remote attacker to cause a denial of service or execute arbitrary code with the privileges of the user running the web browser.

tags | advisory, remote, web, denial of service, overflow, arbitrary, activex
advisories | CVE-2008-1472
SHA-256 | 09da45444339d3374071c6c750d520dceb4ed69662d8b774f4b6bf0b10195eef
CA Security Advisory 35970
Posted Dec 24, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA Security Advisory - A potential vulnerability exists in the Ingres software that is embedded in various CA products. This vulnerability exists only on Ingres 2.5 and Ingres 2.6 on Windows, and does not manifest itself on any Unix platform. Ingres r3 and Ingres 2006 are not affected.

tags | advisory
systems | windows, unix
advisories | CVE-2007-6334
SHA-256 | f7ca90c4521927236d3bbfefb70dc89c88259368d66a18dae3701216866ea1ca
CA Security Advisory 35754
Posted Oct 22, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA Host-Based Intrusion Prevention System (CA HIPS) contains a vulnerability in the Server installation that can allow a remote attacker to take unauthorized administrative action. The vulnerability occurs due to raw request data being displayed in the log when viewed by a browser. The client installation is not vulnerable.

tags | advisory, remote
advisories | CVE-2007-5472
SHA-256 | c85539d8e715bc4393459fcd55868d6547302d34f075669e2c00d0567ee58f18
CAID-ARCserve.txt
Posted Oct 12, 2007
Authored by Ken Williams | Site www3.ca.com

Multiple vulnerabilities exist in BrightStor ARCserve Backup that can allow a remote attacker to cause a denial of service, execute arbitrary code, or take privileged action. The first set of vulnerabilities occur due to insufficient bounds checking by multiple components. The second vulnerability occurs due to privileged functions being available for use without proper authorization. The third set of vulnerabilities are due to a memory corruption occurring with the processing of RPC procedure arguments by multiple services. The vulnerabilities allow an attacker to cause a denial of service, or potentially to execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2007-5325, CVE-2007-5326, CVE-2007-5327, CVE-2007-5328, CVE-2007-5329, CVE-2007-5330, CVE-2007-5331, CVE-2007-5332
SHA-256 | 8860eaa4bfc2250849f113f1ca5d8c680bf62c6a8fde2785a35e35b2338b7fea
CAID-hsmcmv.txt
Posted Sep 27, 2007
Authored by Ken Williams | Site www3.ca.com

Multiple vulnerabilities exist in the CsAgent service that can allow a remote attacker to execute arbitrary code or cause a denial of service condition. The first set of vulnerabilities, CVE-2007-5082, occur due to insufficient bounds checking in multiple CsAgent service commands. The second set of vulnerabilities, CVE-2007-5083, occur due to insufficient validation of integer values in multiple CsAgent service commands, which can lead to buffer overflow. The third set of vulnerabilities, CVE-2007-5084, occur due to insufficient validation of strings used in SQL statements in multiple CsAgent service commands.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
advisories | CVE-2007-5082, CVE-2007-5083, CVE-2007-5084
SHA-256 | 363a6e7d492038cdb02283292599822fec694fd384becbbaf92e0cbd416cee51
CAID-backup.txt
Posted Sep 25, 2007
Authored by Ken Williams | Site www3.ca.com

CA ARCserve Backup for Laptops and Desktops contains multiple vulnerabilities that can allow a remote attacker to cause a denial of service condition or execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2007-3216, CVE-2007-5003, CVE-2007-5004, CVE-2007-5005, CVE-2007-5006
SHA-256 | 5454620d885de990b879969d7c8d672b34a987080f8b5bfd71c41320e3bc6593
CA Security Advisory 35527
Posted Jul 25, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

Multiple CA products that utilize CA Message Queuing (CAM / CAFT) software contain a buffer overflow vulnerability. The vulnerability is a buffer overflow that can allow a remote attacker to execute arbitrary code by sending a specially crafted message to TCP port 3104.

tags | advisory, remote, overflow, arbitrary, tcp
advisories | CVE-2007-0060
SHA-256 | 46fe72c71f2b06a14afa104372ad4b44357e43e92eabdb5b2e93b341ebb45541
CA Security Advisory 35525
Posted Jul 25, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA products that utilize the Arclib library contain two denial of service vulnerabilities. The first vulnerability is due to an application hang when processing a specially malformed CHM file. The second vulnerability is due to an application hang when processing a specially malformed RAR file.

tags | advisory, denial of service, vulnerability
advisories | CVE-2007-3875, CVE-2007-5645
SHA-256 | 01a0d7692b70c516c3cfb44baa9d756e9080e6e2262ee925e1c28f0efba48ff3
CA Security Advisory 35524
Posted Jul 25, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

eTrust Intrusion Detection contains a vulnerability associated with the caller.dll ActiveX control. The vulnerability is due to the caller.dll ActiveX control being marked safe for scripting. An attacker, who can lure a user into visiting a malicious website, can potentially gain complete control of an affected installation.

tags | advisory, activex
advisories | CVE-2007-3302
SHA-256 | bf7652ef856974e523274a458f8762421906e746b5daddbe7db3072d50c9cec1
CA Security Advisory 35515
Posted Jul 20, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

Multiple CA products that utilize Alert service functionality contain multiple vulnerabilities. The vulnerabilities are due to insufficient bounds checking on received data by certain RPC procedures. An attacker can exploit these buffer overflows to execute arbitrary code or cause service failure.

tags | advisory, overflow, arbitrary, vulnerability
advisories | CVE-2007-3825
SHA-256 | dff03d4b04f6fb38db9efcc99d514db64917edf808004035f18a70b3cba857e0
CAID-Ingres.txt
Posted Jun 26, 2007
Authored by Ken Williams | Site www3.ca.com

Various CA products that embed Ingres products contain multiple vulnerabilities that can allow an attacker to potentially execute arbitrary code.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2007-3336, CVE-2007-3337, CVE-2007-3338, CVE-2007-3334
SHA-256 | b9420a8daa8448c325330f47f53519fd6d8bf578d33c969e755fb2c28d048bb8
CA Security Advisory 35395
Posted Jun 10, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA Anti-Virus engine contains multiple vulnerabilities that can allow a remote attacker to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability, virus
advisories | CVE-2007-2863, CVE-2007-2864
SHA-256 | 7a18d60f22a825bfaf66d090825d58ae0eae1abbf39a0c649afdfefc4b5795cf
CA Security Advisory 35330
Posted May 12, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA Anti-Virus for the Enterprise, CA Threat Manager, and CA Anti-Spyware contain multiple vulnerabilities that can allow an attacker to cause a denial of service or possibly execute arbitrary code. CA has issued patches to address the vulnerabilities.

tags | advisory, denial of service, arbitrary, vulnerability, virus
advisories | CVE-2007-2522, CVE-2007-2523
SHA-256 | 8f199a847ae100657c96161091769e0883d36aa803d130e150619b62423ebc0c
CA Security Advisory 35277
Posted May 2, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA CleverPath Portal contains a vulnerability that can allow a local attacker to access confidential data. The vulnerability is due to insufficient filtering of SQL search queries. CA has issued a patch to address the vulnerability.

tags | advisory, local
advisories | CVE-2007-2230
SHA-256 | ea5c74d47d854c08f37384a948d4e8b4340a0d0bb6f3ef77f923334836a16891
CA Security Advisory 35198
Posted May 2, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA BrightStor ARCserve Backup Media Server contains multiple vulnerabilities that can allow a remote attacker to cause a denial of service or possibly execute arbitrary code. CA has issued patches to address the vulnerabilities.

tags | advisory, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2007-1785, CVE-2007-2139
SHA-256 | 50cf00ebba6e500a55c1f41bdda6ade451e15f3fa8050b06f214c5c44a6563ac
CAID-McAfee.txt
Posted Mar 20, 2007
Authored by Ken Williams | Site www3.ca.com

CA BrightStor ARCserve Backup contains four vulnerabilities that can allow a remote attacker to cause a denial of service or possibly execute arbitrary code. CA has issued patches to address the vulnerabilities.

tags | advisory, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2006-6076, CVE-2007-0816, CVE-2007-1447, CVE-2007-1448
SHA-256 | 26afa70359ee71d1cdb1f3ba90e2bd4290ccf6d14fd317067b25d049a10fc66f
caid-msgeng.txt
Posted Mar 20, 2007
Authored by Winny Thomas

CA BrightStor ARCserve remote stack overflow exploit that takes advantage of msgeng.exe.

tags | exploit, remote, overflow
SHA-256 | 0b1a30b722ff620e0febfdb5b8951ad05cb2c7414c5e23ae648fd2e32271331f
Page 1 of 2
Back12Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    33 Files
  • 8
    Feb 8th
    34 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close